From patchwork Mon Feb  3 11:20:18 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Sowden <jeremy@azazel.net>
X-Patchwork-Id: 1232715
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=azazel.net
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256
	header.s=20190108 header.b=oFdANNjx;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48B53K6SPfz9sRs
	for <incoming@patchwork.ozlabs.org>;
	Mon,  3 Feb 2020 22:20:29 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727398AbgBCLUY (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 3 Feb 2020 06:20:24 -0500
Received: from kadath.azazel.net ([81.187.231.250]:33246 "EHLO
	kadath.azazel.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1727244AbgBCLUY (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Mon, 3 Feb 2020 06:20:24 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net;
	s=20190108;
	h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
	List-Post:List-Owner:List-Archive;
	bh=9J6vMRqXwsp855kEhNzUy8m+HTiK0YbTGvnaOBpsjMI=;
	b=oFdANNjxPWw4XC0wEw/hZclOKc
	cIuDykVCNlPuc6VWUFq1BRa2CxVLQWhqIAoR9msWDFlYy02bhJRP3aDrFQZQZ9HS3aPYnAydAim2S
	nnfPRBMZ9tbl2bnUjYoYjnEBtVT9DZcy8PltkphgoytBag4vJ+U9dtXSv9mbEkXyKpMAb0xvYNL2x
	msKPlcpmycbr+mZn9qRzqPwnh9xByyIlWg3tuqfdyQmH0W3rHhXP2fJNRpb7HblDBRiNKamr/sXUX
	UYKVEGKKIBC5G80pN+tN3X9s9FEw7HZMaY6zXk2f0s6VImVY/s4WjDLoXpbguY+G8ZQNSO2EbcUU+
	WnmjWTAA==;
Received: from [2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]
	(helo=ulthar.dreamlands)
	by kadath.azazel.net with esmtp (Exim 4.92)
	(envelope-from <jeremy@azazel.net>) id 1iyZmB-0007Br-8T
	for netfilter-devel@vger.kernel.org; Mon, 03 Feb 2020 11:20:23 +0000
From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [PATCH nft v4 1/6] parser: add parenthesized statement expressions.
Date: Mon,  3 Feb 2020 11:20:18 +0000
Message-Id: <20200203112023.646840-2-jeremy@azazel.net>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200203112023.646840-1-jeremy@azazel.net>
References: <20200203112023.646840-1-jeremy@azazel.net>
MIME-Version: 1.0
X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae
X-SA-Exim-Mail-From: jeremy@azazel.net
X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Primary and primary RHS expressions support parenthesized basic and
basic RHS expressions.  However, primary statement expressions do not
support parenthesized basic statement expressions.  Add them.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 src/parser_bison.y | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/src/parser_bison.y b/src/parser_bison.y
index 799f7a308b07..45cc013cfe28 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2992,18 +2992,19 @@ synproxy_sack		:	/* empty */	{ $$ = 0; }
 			}
 			;
 
-primary_stmt_expr	:	symbol_expr		{ $$ = $1; }
-			|	integer_expr		{ $$ = $1; }
-			|	boolean_expr		{ $$ = $1; }
-			|	meta_expr		{ $$ = $1; }
-			|	rt_expr			{ $$ = $1; }
-			|	ct_expr			{ $$ = $1; }
-			|	numgen_expr             { $$ = $1; }
-			|	hash_expr               { $$ = $1; }
-			|	payload_expr		{ $$ = $1; }
-			|	keyword_expr		{ $$ = $1; }
-			|	socket_expr		{ $$ = $1; }
-			|	osf_expr		{ $$ = $1; }
+primary_stmt_expr	:	symbol_expr			{ $$ = $1; }
+			|	integer_expr			{ $$ = $1; }
+			|	boolean_expr			{ $$ = $1; }
+			|	meta_expr			{ $$ = $1; }
+			|	rt_expr				{ $$ = $1; }
+			|	ct_expr				{ $$ = $1; }
+			|	numgen_expr             	{ $$ = $1; }
+			|	hash_expr               	{ $$ = $1; }
+			|	payload_expr			{ $$ = $1; }
+			|	keyword_expr			{ $$ = $1; }
+			|	socket_expr			{ $$ = $1; }
+			|	osf_expr			{ $$ = $1; }
+			|	'('	basic_stmt_expr	')'	{ $$ = $2; }
 			;
 
 shift_stmt_expr		:	primary_stmt_expr

From patchwork Mon Feb  3 11:20:19 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Sowden <jeremy@azazel.net>
X-Patchwork-Id: 1232709
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=azazel.net
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256
	header.s=20190108 header.b=tMIWQjza;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48B53H2VVFz9sRm
	for <incoming@patchwork.ozlabs.org>;
	Mon,  3 Feb 2020 22:20:27 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727406AbgBCLUY (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 3 Feb 2020 06:20:24 -0500
Received: from kadath.azazel.net ([81.187.231.250]:33248 "EHLO
	kadath.azazel.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1727257AbgBCLUY (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Mon, 3 Feb 2020 06:20:24 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net;
	s=20190108;
	h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
	List-Post:List-Owner:List-Archive;
	bh=LXsxCAx33gxZBJljHWbJRxFEcyPvr+QoeGZZqx9y5vs=;
	b=tMIWQjzaL0HNCG7JaoM9ksUWQ2
	j7X+zRF1dqZyWq4Wjah84VGGoX9W1FJEYgamFz11w2dABI7i5/ZoJ7g75CWJzdlHfnG5X3GlLGHu8
	YYsgu+fF1ZHXFZzuKb6HcxewNbYHnXfwfkERaR5X+0NPc3AL0aF/w48Ta+OquzDGdFLpfDKB7q6Cu
	WYWwNMACghNTP+zvcROzl8HXNd0zIdPpLOKn3vEtqHpEtqGqGDjEtjXs5drhvwh9uUVFobRM6eefP
	s24rmdRSASoL1rVpxylUeXHDEvcWvYIAFtNTB1Fgjqfd+TzCLcmNCONqjVDqxbWApjP90c+ahtRaO
	/f0+YP5w==;
Received: from [2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]
	(helo=ulthar.dreamlands)
	by kadath.azazel.net with esmtp (Exim 4.92)
	(envelope-from <jeremy@azazel.net>) id 1iyZmB-0007Br-D8
	for netfilter-devel@vger.kernel.org; Mon, 03 Feb 2020 11:20:23 +0000
From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [PATCH nft v4 2/6] evaluate: correct variable name.
Date: Mon,  3 Feb 2020 11:20:19 +0000
Message-Id: <20200203112023.646840-3-jeremy@azazel.net>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200203112023.646840-1-jeremy@azazel.net>
References: <20200203112023.646840-1-jeremy@azazel.net>
MIME-Version: 1.0
X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae
X-SA-Exim-Mail-From: jeremy@azazel.net
X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Rename the `lshift` variable used to store an right-shift expression to
`rshift`.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 src/evaluate.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/evaluate.c b/src/evaluate.c
index 09dd493f0757..966582e44a7d 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -450,7 +450,7 @@ static uint8_t expr_offset_shift(const struct expr *expr, unsigned int offset,
 
 static void expr_evaluate_bits(struct eval_ctx *ctx, struct expr **exprp)
 {
-	struct expr *expr = *exprp, *and, *mask, *lshift, *off;
+	struct expr *expr = *exprp, *and, *mask, *rshift, *off;
 	unsigned masklen, len = expr->len, extra_len = 0;
 	uint8_t shift;
 	mpz_t bitmask;
@@ -490,12 +490,12 @@ static void expr_evaluate_bits(struct eval_ctx *ctx, struct expr **exprp)
 					  BYTEORDER_BIG_ENDIAN,
 					  sizeof(shift), &shift);
 
-		lshift = binop_expr_alloc(&expr->location, OP_RSHIFT, and, off);
-		lshift->dtype		= expr->dtype;
-		lshift->byteorder	= expr->byteorder;
-		lshift->len		= masklen;
+		rshift = binop_expr_alloc(&expr->location, OP_RSHIFT, and, off);
+		rshift->dtype		= expr->dtype;
+		rshift->byteorder	= expr->byteorder;
+		rshift->len		= masklen;
 
-		*exprp = lshift;
+		*exprp = rshift;
 	} else
 		*exprp = and;
 

From patchwork Mon Feb  3 11:20:20 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Sowden <jeremy@azazel.net>
X-Patchwork-Id: 1232712
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=azazel.net
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256
	header.s=20190108 header.b=o9yVKzZq;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48B53J1CPmz9sRt
	for <incoming@patchwork.ozlabs.org>;
	Mon,  3 Feb 2020 22:20:28 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727409AbgBCLU1 (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 3 Feb 2020 06:20:27 -0500
Received: from kadath.azazel.net ([81.187.231.250]:33250 "EHLO
	kadath.azazel.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1727302AbgBCLUZ (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Mon, 3 Feb 2020 06:20:25 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net;
	s=20190108;
	h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
	List-Post:List-Owner:List-Archive;
	bh=8IfejBEIdHw373fWiXq3VePNx3BHue0N/FLp8vRxFgE=;
	b=o9yVKzZqSyPnW7Llznh+CJtziS
	bc7SsL9MQl0dV62Jqv55ocwVT9GpMkkr2upg5KsiRnb2ggMSCwbM4+XouhEsXV0jInjXMtBEturKx
	uj1R97p2248ITZm5nzagNuc35Sm+juA2NgoZXForlMTTZhCnAVlqlq2O2a//61HmuoiZJ183WMRoz
	6CGF1JZGrzT7t/kvoG1rUc8unj4etuoeFqXOIe0zzdHk6YtnB7djZP/fQFeUd4gxBmGmLxf4gkqxn
	PqTzPnETO4nMgHuxr2ntCfKp0ue9RpgFBDHcnUcIoDqPJshK2G/JA14mBdxcVXqEteHVqXkDPTckm
	UzZxF8Zg==;
Received: from [2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]
	(helo=ulthar.dreamlands)
	by kadath.azazel.net with esmtp (Exim 4.92)
	(envelope-from <jeremy@azazel.net>) id 1iyZmB-0007Br-HT
	for netfilter-devel@vger.kernel.org; Mon, 03 Feb 2020 11:20:23 +0000
From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [PATCH nft v4 3/6] evaluate: change shift byte-order to host-endian.
Date: Mon,  3 Feb 2020 11:20:20 +0000
Message-Id: <20200203112023.646840-4-jeremy@azazel.net>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200203112023.646840-1-jeremy@azazel.net>
References: <20200203112023.646840-1-jeremy@azazel.net>
MIME-Version: 1.0
X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae
X-SA-Exim-Mail-From: jeremy@azazel.net
X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

The byte-order of the righthand operands of the right-shifts generated
for payload and exthdr expressions is big-endian.  However, all right
operands should be host-endian.  Since evaluation of the shift binop
will insert a byte-order conversion to enforce this, change the
endianness in order to avoid the extra operation.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 src/evaluate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/evaluate.c b/src/evaluate.c
index 966582e44a7d..ef2dcb5ce78f 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -487,7 +487,7 @@ static void expr_evaluate_bits(struct eval_ctx *ctx, struct expr **exprp)
 	if (shift) {
 		off = constant_expr_alloc(&expr->location,
 					  expr_basetype(expr),
-					  BYTEORDER_BIG_ENDIAN,
+					  BYTEORDER_HOST_ENDIAN,
 					  sizeof(shift), &shift);
 
 		rshift = binop_expr_alloc(&expr->location, OP_RSHIFT, and, off);

From patchwork Mon Feb  3 11:20:21 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Sowden <jeremy@azazel.net>
X-Patchwork-Id: 1232711
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=azazel.net
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256
	header.s=20190108 header.b=tMIlDQBe;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48B53H5QMSz9sRs
	for <incoming@patchwork.ozlabs.org>;
	Mon,  3 Feb 2020 22:20:27 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727366AbgBCLUZ (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 3 Feb 2020 06:20:25 -0500
Received: from kadath.azazel.net ([81.187.231.250]:33252 "EHLO
	kadath.azazel.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1727306AbgBCLUY (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Mon, 3 Feb 2020 06:20:24 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net;
	s=20190108;
	h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
	List-Post:List-Owner:List-Archive;
	bh=wOFfEFTjWwR4/TuAekGEhiH7+o06UHfgBdSDi7+teSQ=;
	b=tMIlDQBeeqxqMBLwQd//B/6FNg
	zoTrt+zfN1mUWFIyDID3RM/XidCyU+9G5MTOJiv8Zzt06VRak1fgahiW7e0M3Kb/6igObWxeDpNDc
	ZhuC2cWtDYVWoIx0+zoRU6h+CayzoAubpmvGhAmEp8zyQjkdwQuj4bDBl6PhoutWgYzvYe3PIamsx
	/T9b25ijxQTc1cvCV4vlCwbtQUfQ365E9yim3ljgekBUvia21buSm4hSDmm5/7czYNPLVckTNMtf4
	BH4W6XCC5Npnotj5JWaQAZERdm0HEC6EGEVHHw7wU80foz+YpyyDV5KY/Em2j4Z0mm6YlBox10QYd
	ZLMmLfGw==;
Received: from [2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]
	(helo=ulthar.dreamlands)
	by kadath.azazel.net with esmtp (Exim 4.92)
	(envelope-from <jeremy@azazel.net>) id 1iyZmB-0007Br-M5
	for netfilter-devel@vger.kernel.org; Mon, 03 Feb 2020 11:20:23 +0000
From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [PATCH nft v4 4/6] tests: shell: add bit-shift tests.
Date: Mon,  3 Feb 2020 11:20:21 +0000
Message-Id: <20200203112023.646840-5-jeremy@azazel.net>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200203112023.646840-1-jeremy@azazel.net>
References: <20200203112023.646840-1-jeremy@azazel.net>
MIME-Version: 1.0
X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae
X-SA-Exim-Mail-From: jeremy@azazel.net
X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Add a couple of shell test-cases for setting the CT mark to a bitwise
expression derived from the packet mark and vice versa.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 tests/shell/testcases/chains/0040mark_shift_0         | 11 +++++++++++
 tests/shell/testcases/chains/0040mark_shift_1         | 11 +++++++++++
 .../shell/testcases/chains/dumps/0040mark_shift_0.nft |  6 ++++++
 .../shell/testcases/chains/dumps/0040mark_shift_1.nft |  6 ++++++
 4 files changed, 34 insertions(+)
 create mode 100755 tests/shell/testcases/chains/0040mark_shift_0
 create mode 100755 tests/shell/testcases/chains/0040mark_shift_1
 create mode 100644 tests/shell/testcases/chains/dumps/0040mark_shift_0.nft
 create mode 100644 tests/shell/testcases/chains/dumps/0040mark_shift_1.nft

diff --git a/tests/shell/testcases/chains/0040mark_shift_0 b/tests/shell/testcases/chains/0040mark_shift_0
new file mode 100755
index 000000000000..55447f0b9737
--- /dev/null
+++ b/tests/shell/testcases/chains/0040mark_shift_0
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+RULESET="
+  add table t
+  add chain t c { type filter hook output priority mangle; }
+  add rule t c oif lo ct mark set (meta mark | 0x10) << 8
+"
+
+$NFT --debug=eval -f - <<< "$RULESET"
diff --git a/tests/shell/testcases/chains/0040mark_shift_1 b/tests/shell/testcases/chains/0040mark_shift_1
new file mode 100755
index 000000000000..b609f5ef10ad
--- /dev/null
+++ b/tests/shell/testcases/chains/0040mark_shift_1
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+RULESET="
+  add table t
+  add chain t c { type filter hook input priority mangle; }
+  add rule t c iif lo ct mark & 0xff 0x10 meta mark set ct mark >> 8
+"
+
+$NFT -f - <<< "$RULESET"
diff --git a/tests/shell/testcases/chains/dumps/0040mark_shift_0.nft b/tests/shell/testcases/chains/dumps/0040mark_shift_0.nft
new file mode 100644
index 000000000000..52d59d2c6da4
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0040mark_shift_0.nft
@@ -0,0 +1,6 @@
+table ip t {
+	chain c {
+		type filter hook output priority mangle; policy accept;
+		oif "lo" ct mark set (meta mark | 0x00000010) << 8
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0040mark_shift_1.nft b/tests/shell/testcases/chains/dumps/0040mark_shift_1.nft
new file mode 100644
index 000000000000..56ec8dc766ca
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0040mark_shift_1.nft
@@ -0,0 +1,6 @@
+table ip t {
+	chain c {
+		type filter hook input priority mangle; policy accept;
+		iif "lo" ct mark & 0x000000ff == 0x00000010 meta mark set ct mark >> 8
+	}
+}

From patchwork Mon Feb  3 11:20:22 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Sowden <jeremy@azazel.net>
X-Patchwork-Id: 1232713
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=azazel.net
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256
	header.s=20190108 header.b=Kj4LFQbg;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48B53J4TRJz9sPK
	for <incoming@patchwork.ozlabs.org>;
	Mon,  3 Feb 2020 22:20:28 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727496AbgBCLUZ (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 3 Feb 2020 06:20:25 -0500
Received: from kadath.azazel.net ([81.187.231.250]:33254 "EHLO
	kadath.azazel.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1727366AbgBCLUY (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Mon, 3 Feb 2020 06:20:24 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net;
	s=20190108;
	h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
	List-Post:List-Owner:List-Archive;
	bh=s1M7Tq3zuK7LKJxiGhvzc5i0R3g7YNRg5FeTNQ5oKq8=;
	b=Kj4LFQbg9FyPv6AoU0mM1WzReX
	32hB1E4qMockE7uSjjotbVw2Xw1HXaf2OsV5QubtvWz98FE7RfTCi4z1XDd7/cCr+uuEZbsvNaxMS
	1puMw4g7xmyNBlYu2GFzYQyjmDiF6zOkdPsd03SK8W/Uf25oI5ErdOu3XUTzcRcwCx7vQ4vfW+gug
	OrCKyRyXOeXxxBb3HgGBHBR/B28wQfoxSRI1wUlZ0SpBFt1q/lU7d8naovRvYVQir+jwlIu4508Uv
	EfVAaNiug2JDZTHkvSbABnY1iljqpsPWM21q85OweJ3JpGwUzYdkl/QopqFk6n7BbJwWGkFKVhpv9
	PbskOKew==;
Received: from [2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]
	(helo=ulthar.dreamlands)
	by kadath.azazel.net with esmtp (Exim 4.92)
	(envelope-from <jeremy@azazel.net>) id 1iyZmB-0007Br-QU
	for netfilter-devel@vger.kernel.org; Mon, 03 Feb 2020 11:20:23 +0000
From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [PATCH nft v4 5/6] tests: py: add missing JSON output.
Date: Mon,  3 Feb 2020 11:20:22 +0000
Message-Id: <20200203112023.646840-6-jeremy@azazel.net>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200203112023.646840-1-jeremy@azazel.net>
References: <20200203112023.646840-1-jeremy@azazel.net>
MIME-Version: 1.0
X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae
X-SA-Exim-Mail-From: jeremy@azazel.net
X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

The JSON output was missing for some existing tests.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 tests/py/any/ct.t.json   | 23 +++++++++++++++++++++++
 tests/py/ip/meta.t.json  | 35 +++++++++++++++++++++++++++++++++++
 tests/py/ip6/meta.t.json | 35 +++++++++++++++++++++++++++++++++++
 3 files changed, 93 insertions(+)

diff --git a/tests/py/any/ct.t.json b/tests/py/any/ct.t.json
index 7c16f9df2195..8d56db2aaedb 100644
--- a/tests/py/any/ct.t.json
+++ b/tests/py/any/ct.t.json
@@ -499,6 +499,29 @@
     }
 ]
 
+# ct mark set ct mark or 0x00000001
+[
+    {
+        "mangle": {
+            "key": {
+                "ct": {
+                    "key": "mark"
+                }
+            },
+            "value": {
+                "|": [
+                    {
+                        "ct": {
+                            "key": "mark"
+                        }
+                    },
+                    1
+                ]
+            }
+        }
+    }
+]
+
 # ct mark 0x00000032
 [
     {
diff --git a/tests/py/ip/meta.t.json b/tests/py/ip/meta.t.json
index f873aa88598b..f83864f672d5 100644
--- a/tests/py/ip/meta.t.json
+++ b/tests/py/ip/meta.t.json
@@ -105,3 +105,38 @@
     }
 ]
 
+# meta sdif "lo" accept
+[
+    {
+        "match": {
+            "left": {
+                "meta": {
+                    "key": "sdif"
+                }
+            },
+            "op": "==",
+            "right": "lo"
+        }
+    },
+    {
+        "accept": null
+    }
+]
+
+# meta sdifname != "vrf1" accept
+[
+    {
+        "match": {
+            "left": {
+                "meta": {
+                    "key": "sdifname"
+                }
+            },
+            "op": "!=",
+            "right": "vrf1"
+        }
+    },
+    {
+        "accept": null
+    }
+]
diff --git a/tests/py/ip6/meta.t.json b/tests/py/ip6/meta.t.json
index 29cf9fd2d0cf..e72350f375e9 100644
--- a/tests/py/ip6/meta.t.json
+++ b/tests/py/ip6/meta.t.json
@@ -105,3 +105,38 @@
     }
 ]
 
+# meta sdif "lo" accept
+[
+    {
+        "match": {
+            "left": {
+                "meta": {
+                    "key": "sdif"
+                }
+            },
+            "op": "==",
+            "right": "lo"
+        }
+    },
+    {
+        "accept": null
+    }
+]
+
+# meta sdifname != "vrf1" accept
+[
+    {
+        "match": {
+            "left": {
+                "meta": {
+                    "key": "sdifname"
+                }
+            },
+            "op": "!=",
+            "right": "vrf1"
+        }
+    },
+    {
+        "accept": null
+    }
+]

From patchwork Mon Feb  3 11:20:23 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Sowden <jeremy@azazel.net>
X-Patchwork-Id: 1232714
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=azazel.net
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256
	header.s=20190108 header.b=fYuuJBaM;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48B53K2SyZz9sRm
	for <incoming@patchwork.ozlabs.org>;
	Mon,  3 Feb 2020 22:20:29 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727541AbgBCLU1 (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 3 Feb 2020 06:20:27 -0500
Received: from kadath.azazel.net ([81.187.231.250]:33256 "EHLO
	kadath.azazel.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1727257AbgBCLUZ (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Mon, 3 Feb 2020 06:20:25 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net;
	s=20190108;
	h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
	List-Post:List-Owner:List-Archive;
	bh=1eZaUGvUJYxikXyhF/0Nn9US3t8y2qxpRWZ6w9MgNp4=;
	b=fYuuJBaMuFLgyZBQBPEb8Ry0q3
	EeNmubYb/OiFQlW/5D/0cXFXwcc4xpYdFAjKsJntiZyVx+EdUF3MWwJsqH2A1V3RQIHd3qSKT0IBk
	AfXUSwaZHg3cLCB6aIQbrWIwOD6PZUF/HvGzBW5YSWfxqxvMwG6kg9I8sPLeaGuxQRI7/fjEXOypu
	E6R4B4BCXV0L2DHhash/QydvKJH0rOo4NFysZiHjckVDqhQrWRk3a7RQtYE1wWl1s2t4IKJ14PCny
	HB34BN4U3Qol0vy+0MnRwuJlegYT5sMf8KLwcNv/4RuUlY4IdUQyRN6I18j98XMnZ+4PwhbUOVqfN
	QeoHhr7Q==;
Received: from [2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]
	(helo=ulthar.dreamlands)
	by kadath.azazel.net with esmtp (Exim 4.92)
	(envelope-from <jeremy@azazel.net>) id 1iyZmC-0007Br-0S
	for netfilter-devel@vger.kernel.org; Mon, 03 Feb 2020 11:20:24 +0000
From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [PATCH nft v4 6/6] tests: py: add bit-shift tests.
Date: Mon,  3 Feb 2020 11:20:23 +0000
Message-Id: <20200203112023.646840-7-jeremy@azazel.net>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20200203112023.646840-1-jeremy@azazel.net>
References: <20200203112023.646840-1-jeremy@azazel.net>
MIME-Version: 1.0
X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae
X-SA-Exim-Mail-From: jeremy@azazel.net
X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Add a couple of Python test-cases for setting the CT mark to a bitwise
expression derived from the packet mark and vice versa.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 tests/py/any/ct.t            |  1 +
 tests/py/any/ct.t.json       | 28 ++++++++++++++++++++++++++++
 tests/py/any/ct.t.payload    | 21 +++++++++++++++++++++
 tests/py/inet/meta.t         |  1 +
 tests/py/inet/meta.t.json    | 22 ++++++++++++++++++++++
 tests/py/inet/meta.t.payload |  6 ++++++
 6 files changed, 79 insertions(+)

diff --git a/tests/py/any/ct.t b/tests/py/any/ct.t
index ebc086445567..f65d275987cd 100644
--- a/tests/py/any/ct.t
+++ b/tests/py/any/ct.t
@@ -57,6 +57,7 @@ ct mark set 0x11333 and 0x11;ok;ct mark set 0x00000011
 ct mark set 0x12 or 0x11;ok;ct mark set 0x00000013
 ct mark set 0x11;ok;ct mark set 0x00000011
 ct mark set mark;ok;ct mark set meta mark
+ct mark set (meta mark | 0x10) << 8;ok;ct mark set (meta mark | 0x00000010) << 8
 ct mark set mark map { 1 : 10, 2 : 20, 3 : 30 };ok;ct mark set meta mark map { 0x00000003 : 0x0000001e, 0x00000002 : 0x00000014, 0x00000001 : 0x0000000a}
 
 ct mark set {0x11333, 0x11};fail
diff --git a/tests/py/any/ct.t.json b/tests/py/any/ct.t.json
index 8d56db2aaedb..59ac27c3055c 100644
--- a/tests/py/any/ct.t.json
+++ b/tests/py/any/ct.t.json
@@ -724,6 +724,34 @@
     }
 ]
 
+# ct mark set (meta mark | 0x10) << 8
+[
+    {
+        "mangle": {
+            "key": {
+                "ct": {
+                    "key": "mark"
+                }
+            },
+            "value": {
+                "<<": [
+                    {
+                        "|": [
+                            {
+                                "meta": {
+                                    "key": "mark"
+                                }
+                            },
+                            16
+                        ]
+                    },
+                    8
+                ]
+            }
+        }
+    }
+]
+
 # ct mark set mark map { 1 : 10, 2 : 20, 3 : 30 }
 [
     {
diff --git a/tests/py/any/ct.t.payload b/tests/py/any/ct.t.payload
index bdc6a70e3672..661591257804 100644
--- a/tests/py/any/ct.t.payload
+++ b/tests/py/any/ct.t.payload
@@ -329,6 +329,27 @@ ip test-ip4 output
   [ meta load mark => reg 1 ]
   [ ct set mark with reg 1 ]
 
+# ct mark set (meta mark | 0x10) << 8
+ip test-ip4 output
+  [ meta load mark => reg 1 ]
+  [ bitwise reg 1 = (reg=1 & 0xffffffef ) ^ 0x00000010 ]
+  [ bitwise reg 1 = ( reg 1 << 0x00000008 ) ]
+  [ ct set mark with reg 1 ]
+
+# ct mark set (meta mark | 0x10) << 8
+ip6 test-ip6 output
+  [ meta load mark => reg 1 ]
+  [ bitwise reg 1 = (reg=1 & 0xffffffef ) ^ 0x00000010 ]
+  [ bitwise reg 1 = ( reg 1 << 0x00000008 ) ]
+  [ ct set mark with reg 1 ]
+
+# ct mark set (meta mark | 0x10) << 8
+inet test-inet output
+  [ meta load mark => reg 1 ]
+  [ bitwise reg 1 = (reg=1 & 0xffffffef ) ^ 0x00000010 ]
+  [ bitwise reg 1 = ( reg 1 << 0x00000008 ) ]
+  [ ct set mark with reg 1 ]
+
 # ct mark set mark map { 1 : 10, 2 : 20, 3 : 30 }
 __map%d test-ip4 b
 __map%d test-ip4 0
diff --git a/tests/py/inet/meta.t b/tests/py/inet/meta.t
index df32332f0621..3638898b5dbb 100644
--- a/tests/py/inet/meta.t
+++ b/tests/py/inet/meta.t
@@ -16,3 +16,4 @@ meta ipsec exists;ok
 meta secpath missing;ok;meta ipsec missing
 meta ibrname "br0";fail
 meta obrname "br0";fail
+meta mark set ct mark >> 8;ok
diff --git a/tests/py/inet/meta.t.json b/tests/py/inet/meta.t.json
index 5501f0bec6ed..5c0e7d2e0e42 100644
--- a/tests/py/inet/meta.t.json
+++ b/tests/py/inet/meta.t.json
@@ -213,3 +213,25 @@
     }
 ]
 
+# meta mark set ct mark >> 8
+[
+    {
+        "mangle": {
+            "key": {
+                "meta": {
+                    "key": "mark"
+                }
+            },
+            "value": {
+                ">>": [
+                    {
+                        "ct": {
+                            "key": "mark"
+                        }
+                    },
+                    8
+                ]
+            }
+        }
+    }
+]
diff --git a/tests/py/inet/meta.t.payload b/tests/py/inet/meta.t.payload
index d7ff7e2d41fa..6ccf6d24210a 100644
--- a/tests/py/inet/meta.t.payload
+++ b/tests/py/inet/meta.t.payload
@@ -73,3 +73,9 @@ inet test-inet input
 inet test-inet input
   [ meta load secpath => reg 1 ]
   [ cmp eq reg 1 0x00000000 ]
+
+# meta mark set ct mark >> 8
+inet test-inet input
+  [ ct load mark => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 >> 0x00000008 ) ]
+  [ meta set mark with reg 1 ]